Difference between revisions of "Template:ESWPaul169"

From Security Weekly Wiki
Jump to navigationJump to search
Line 5: Line 5:
 
#[https://www.helpnetsecurity.com/2020/01/21/micropatch-cve-2020-0674/ Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects - Help Net Security] - If I still had to support Windows 7, I'd consider this: ''Since the February Patch Tuesday is quite a while away and since Windows 7 and Windows Server 2008 R2 users without Extended Security Updates might not get the patch at all, ACROS Security decided to provide a micropatch that simulates the offered workaround (restricts access to the vulnerable JScript.dll) without its negative side effects (reduced functionality for components or features that rely on that particular .dll).''
 
#[https://www.helpnetsecurity.com/2020/01/21/micropatch-cve-2020-0674/ Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects - Help Net Security] - If I still had to support Windows 7, I'd consider this: ''Since the February Patch Tuesday is quite a while away and since Windows 7 and Windows Server 2008 R2 users without Extended Security Updates might not get the patch at all, ACROS Security decided to provide a micropatch that simulates the offered workaround (restricts access to the vulnerable JScript.dll) without its negative side effects (reduced functionality for components or features that rely on that particular .dll).''
 
#[https://www.helpnetsecurity.com/2020/01/22/stealthbits-stealthrecover-1-5/ STEALTHbits StealthRECOVER 1.5: Easier and faster AD rollback and recovery - Help Net Security]
 
#[https://www.helpnetsecurity.com/2020/01/22/stealthbits-stealthrecover-1-5/ STEALTHbits StealthRECOVER 1.5: Easier and faster AD rollback and recovery - Help Net Security]
#[http://www.globalsecuritymag.com/New-Kaspersky-Sandbox-automates,20200120,94761.html New Kaspersky Sandbox automates protection from advanced threats]
+
#[http://www.globalsecuritymag.com/New-Kaspersky-Sandbox-automates,20200120,94761.html New Kaspersky Sandbox automates protection from advanced threats] - ''According to a Kaspersky survey of IT decision-makers, 47% of SMBs and 51% of enterprises say that it is becoming more difficult to differentiate between generic and advanced attacks. This means security analysts have to spend time evaluating numerous suspicious files instead of focusing on investigating, and responding to, the most critical threats. This could be even more challenging, as larger SMBs and small enterprises face an IT security talent shortage, so all the responsibilities of managing security fall on the shoulders of IT departments. '' While true, but not all sandboxes are the same...I'd look at some of the smaller startups, like Intezer or VMRay, but would also consider some of the free ones as well.
 
#[http://www.globalsecuritymag.com/ServiceNow-to-Acquire-Loom-Systems,20200122,94873.html ServiceNow to Acquire Loom Systems]
 
#[http://www.globalsecuritymag.com/ServiceNow-to-Acquire-Loom-Systems,20200122,94873.html ServiceNow to Acquire Loom Systems]
 
#[http://www.globalsecuritymag.com/Sysdig-Closes-70M-in-Series-E,20200122,94870.html Sysdig Closes $70M in Series E Funding to Enable Enterprises to Confidently Secure Cloud-Native Workloads in Production]
 
#[http://www.globalsecuritymag.com/Sysdig-Closes-70M-in-Series-E,20200122,94870.html Sysdig Closes $70M in Series E Funding to Enable Enterprises to Confidently Secure Cloud-Native Workloads in Production]
 
#[https://www.scmagazine.com/home/security-news/corporate-news/fireeye-adds-cloudvisory-to-its-stable/ FireEye adds Cloudvisory to its stable | SC Media]
 
#[https://www.scmagazine.com/home/security-news/corporate-news/fireeye-adds-cloudvisory-to-its-stable/ FireEye adds Cloudvisory to its stable | SC Media]
 
#[https://www.centralcharts.com/en/news/2470098-flashpoint-introduces-compromised-credentials-monitoring-helping-organizations-lessen-exposure-from-breaches-leaks Flashpoint Introduces Compromised Credentials Monitoring, Helping Organizations Lessen Exposure from Breaches, Leaks]
 
#[https://www.centralcharts.com/en/news/2470098-flashpoint-introduces-compromised-credentials-monitoring-helping-organizations-lessen-exposure-from-breaches-leaks Flashpoint Introduces Compromised Credentials Monitoring, Helping Organizations Lessen Exposure from Breaches, Leaks]

Revision as of 16:55, 22 January 2020

  1. New infosec products of the week: January 17, 2020 - Help Net Security
  2. Security Compass secures funding to enhance solutions portfolio and accelerate growth - Help Net Security - Not entirely certain how they help organizations, looks like they have products as well as services. Requires more digging to identify the value, seems to be a source analyzer...
  3. CyberArk's new just-in-time access capabilities help reduce risk and improve operational efficiency - Help Net Security - Great features here, all it takes is one production outage or security event and the business can make it really difficult to get code tested and deployed. These features will help organizations be more agile.
  4. Waterfall Security Solutions secures significant new funding round - Help Net Security
  5. Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects - Help Net Security - If I still had to support Windows 7, I'd consider this: Since the February Patch Tuesday is quite a while away and since Windows 7 and Windows Server 2008 R2 users without Extended Security Updates might not get the patch at all, ACROS Security decided to provide a micropatch that simulates the offered workaround (restricts access to the vulnerable JScript.dll) without its negative side effects (reduced functionality for components or features that rely on that particular .dll).
  6. STEALTHbits StealthRECOVER 1.5: Easier and faster AD rollback and recovery - Help Net Security
  7. New Kaspersky Sandbox automates protection from advanced threats - According to a Kaspersky survey of IT decision-makers, 47% of SMBs and 51% of enterprises say that it is becoming more difficult to differentiate between generic and advanced attacks. This means security analysts have to spend time evaluating numerous suspicious files instead of focusing on investigating, and responding to, the most critical threats. This could be even more challenging, as larger SMBs and small enterprises face an IT security talent shortage, so all the responsibilities of managing security fall on the shoulders of IT departments. While true, but not all sandboxes are the same...I'd look at some of the smaller startups, like Intezer or VMRay, but would also consider some of the free ones as well.
  8. ServiceNow to Acquire Loom Systems
  9. Sysdig Closes $70M in Series E Funding to Enable Enterprises to Confidently Secure Cloud-Native Workloads in Production
  10. FireEye adds Cloudvisory to its stable | SC Media
  11. Flashpoint Introduces Compromised Credentials Monitoring, Helping Organizations Lessen Exposure from Breaches, Leaks